Summary
Geospatial data refers to the resources associated with location information represented by longitude and latitude. Its increasing availability and the tools to integrate and visualize the various types of data facilitate conducting sophisticated analysis and discovering hidden patterns. Therefore, uncontrolled dissemination of geospatial data may have grave consequences for national security and personal privacy. Access control for this data is based on its geospatial location, content and context, the credentials and characteristics of the users requesting access as well as the time at which the data is captured and requested. In this chapter, we review the different access control models proposed by researchers for controlled dissemination of geospatial data. Since geospatial data is increasingly obtained from third party Web services, we also review the security models presented in the area of geospatial Web services.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Ashraful Alam, Ganesh Subbiah, Bhavani Thuraisingam, and Latifur Khan. Reasoning with semantics-aware access control policies for geospatial web services. In SWS ’06: Proceedings of the 3rd ACM workshop on Secure web services, pages 69–76, New York, NY, USA, 2006. ACM Press.
Claudio A. Ardagna, Marco Cremonini, Ernesto Damiani, Sabrina De Capitani di Vimercati, and Pierangela Samarati. Supporting location-based conditions in access control policies. In ASIACCS ’06: Proceedings of the 2006 ACM Symposium on Information, computer and communications security, pages 212–222, New York, NY, USA, 2006. ACM Press.
Vijayalakshmi Atluri and Soon Ae Chun. An Authorization Model for Geospatial Data. IEEE Transactions on Dependable and Secure Computing, 1(4):238–254, 2004.
Vijayalakshmi Atluri and Soon Ae Chun. A Geotemporal Role-based Authorization System. International Journal of Information and Computer Security, 1(1/2):143–168, 2007.
John C. Baker, Beth E. Lachman, David R. Frelinger, Kevin M. O’Connell, Alexander C. Hou, Michael S. Tseng, David Orletsky, and Charles Yost. Mapping the Risks: Assessing the Homeland Security Implications of Publicly Available Geospatial Information. Technical report, RAND National Defense Research Institute, RAND Corporation, 2004.
Tom Barclay, Jim Gray, and Don Slutz. Microsoft TerraServer: a spatial data warehouse. In SIGMOD ’00: Proceedings of the 2000 ACM SIGMOD international conference on Management of data, pages 307–318, New York, NY, USA, 2000. ACM Press.
Elisa Bertino, Barbara Catania, Maria Luisa Damiani, and Paolo Perlasca. GEO-RBAC: a spatially aware RBAC. In Proceeding of the 10th ACM Symposium on Access Control Models and Technologies (SACMAT 2005), pages 29–37, 2005.
Soon Ae Chun and Vijayalakshmi Atluri. Protecting Privacy from Continuous High-resolution Satellite Surveillance. In Data and Application Security, Development and Directions, IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security, pages 233–244, 2000.
Michael J. Covington, Prahlad Fogla, Zhiyuan Zhan, and Mustaque Ahamad. A Context-Aware Security Architecture for Emerging Applications. In Proccedings of 18th Annual Computer Security Applications Conference (ACSAC’2002), pages 249–260, 2002.
Michael J. Covington, Wende Long, Srividhya Srinivasan, Anind K. Dey, Mustaque Ahamad, and Gregory D. Abowd. Securing context-aware applications using environment roles. In Proceedings of the 6th ACM Symposium on Access Control Models and Technologies (SACMAT 2001), pages 10–20, 2001.
Maria Luisa Damiani, Elisa Bertino, Barbara Catania, and Paolo Perlasca. GEO-RBAC: A spatially aware RBAC. ACM Transactions of Information Systems Security, 10(1), 2007.
Deborah L. McGuinness and Frank van Harmelen. Owl web ontology language overview: W3c recommendation 10. Technical report, W3C, 2004. http://www.w3.org/TR/owl-features/.
Federal Geographic Data Committee. Geospatial Metadata Standards.
Google . Google Earth, 2007. http://earth.google.com.
Google . Google Maps API, 2007. http://www.google.com/apis/maps/documentation/.
Andreas Matheaus. Declaration and enforcement of finegrained access restrictions for a service-based geospatial data infrastructure. In Proceedings of tenth ACM symposium on Access control models and technologies, 2005.
Andreas Matheus. Geospatial extensible access control markup language (geoxacml). Technical report, Open Geospatial Consortium, Inc., 2007. http://xml.coverpages.org/OGC-07-026-RFC-Submission-GeoXACML-Implementation% Specification.pdf.
Microsoft Corporation. Microsoft Virtual Earth, 2007. http://www.microsoft.com/virtualearth/default.mspx.
Tim Moses. eXtensible Acess Control Markup Language (XACML) Version 2.0. Technical report.
National Oceanic and Atmospheric Administration (NOAA). NOAA KLM User’s Guide, 2000. http://www2.ncdc.noaa.gov/docs/klm/html/c3/sec3-1.htm.
Douglas Nebert, Arliss Whiteside, and Panagiotis Vretanos. OpenGIS Catalogue Service Implementation Specification Version 2.0.2. Technical report, Open Geospatial Consortium, Inc., 2007. http://www.opengeospatial.org/standards/cat.
Open Geospatial Consortium, Inc. OpenGIS Web Map Service Implementation Specification, 2006. http://www.opengeospatial.org/standards/wms.
UNEP: United Nations Environmental Programme. Geo Data Portal, 2006. http://geodata.grid.unep.ch/.
Satellite Imaging Corporation. Satellite Imaging Sensors, 2001. http://www.satimagingcorp.com/satellite-sensors.html: Accessed in 2007.
Alessandra Toninelli, Rebecca Montanari, Lalana Kagal, and Ora Lassila. A Semantic Context-Aware Access Control Framework for Secure Collaborations in Pervasive Computing Environments. In The Semantic Web - Proceedings of the 5th International Semantic Web Conference (ISWC 2006), pages 473–486, 2006.
USDA. USDA Geospatial Data Gateway, 2006. http://gcmd.nasa.gov/records/USDA_Geo_Gateway.html.
Graham Vowles. Geospatial Digital Rights Management Reference Model (GeoDRM RM) Version 1.0.0. Technical report.
Guangsen Zhang and Manish Parashar. Dynamic Context-aware Access Control for Grid Applications. In Proceedings of the 4th International Workshop on Grid Computing (GRID 2003), pages 101–108, 2003.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer Science+Business Media, LLC.
About this chapter
Cite this chapter
Chun, S.A., Atluri, V. (2008). Geospatial Database Security. In: Gertz, M., Jajodia, S. (eds) Handbook of Database Security. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-48533-1_11
Download citation
DOI: https://doi.org/10.1007/978-0-387-48533-1_11
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-48532-4
Online ISBN: 978-0-387-48533-1
eBook Packages: Computer ScienceComputer Science (R0)